I'm setting up a proof-of-concept for a client to integrate Azure AD B2C into an Azure APIM portal. I set up a new Azure B2C tenant, however, it looks like something went wrong when the B2C tenant was created. When I click on the App Registrations menu item, a blank page is displayed when using the latest Microsoft Edge browser. When I click on the Applications (Legacy) menu item, a message is displayed stating that this blade was deprecated back in September of 2021 (it's now February of 2023) and that I should use the App Registrations blade... which is obviously blank.
How do I fix this?
I don't see any warnings or errors in the web browser's Developer Tools console suggesting something failed to load.
Related
I'm trying to create a custom attribute on Azure AD B2C, I'm following this guide, but when in the Azure AD B2C screen I can't see the User attributes option on the sidebar, it pops up while the page loads, but then quickly goes away.
This is just a development site I've got, and I believe I've got all permissions, what am I missing here?
Link your directory to a subscription
https://learn.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-tenant#create-an-azure-ad-b2c-tenant
In the Azure AD B2C Blade specific to that B2C Tenant is the Applications blade. When creating an Application from the Applications Blade in the Tenant there is no option to set the homepage url.
This is different from when creating an App Registration in the outer hosting Azure AD app registrations. When I register an app with Azure AD (in the B2C tenant) I get the option to set the URL home page for the app registration.
Why does MS grey out and suppress the Homepage URL in the Applications in the Tenant? Menu path to the blade is: Home > Azure AD B2C – Applications > MyApp-Properties .
MS warns you that for all B2C Tenant Applications you can only manipulate the app via the Web Portal GUI and that you should not use graph, PowerShell, or other screens to do the editing.
Anyone know why this B2C App url homepage field is not available to applications in the B2C tenant?
The actual "Applications" Created within the B2C Blade are not stored within the associated tenant. These app registrations are associated to the B2C Service itself.
As the Home Page URL is not actually used by B2C (it is more used by things like the App Portal or other services like Application Proxy) there is no need to supply it.
I used to manage bot and channel registrations via https://dev.botframework.com/bots.
I'm running an app service on Azure that is hosting my bot. This app service is under a corporate Azure subscription and I log in to Azure with my company O365 account via my organization's sign-in page.
I use this login for eu.luis.ai, portal.azure.com, apps.dev.microsoft.com and dev.botframework.com.
Since I'm trying to migrate the bots, I'm facing several issues:
The migration button
When pressing the migration button, I'm getting the error
Failed to find any Azure subscriptions for the current user.
From Scratch "Bot Channel Registration"
In the Azure portal, when I create a new Bot Channels Registration I'm able to see it on dev.botframework.com, but in the azure portal on the blades Channels, Test in Web Chat and Analytics (IFrame to dev.botframework.com) I get the error
There was an error refreshing your sign-in information. Refresh and try again.
But: When I open the IFrame source in a new tab, I'm able to access those pages.
Where goes my app in the Application Registration Portal?
In the newly created "Bot Channel Registration" resource on azure, when I click the "manage" link for the Microsoft App Id, I get an error, that the application is not available or not assigned to my account (but I'm still logged in with the same credentials).
What I tried so far:
- I asked several colleagues to try the same (they all have the same problem)
- Deleted browser cache, tried in-private sessions, tried different browsers etc., logged out & in, ...
- I also have no live account with my organization's email address
- For the migration button problem, I was able to hack around the problem using a Chrome extension to replace authorization headers for requests going to https://management.azure.com with the access token from the Azure portal.
It looks to me like some kind of token incompatibility but I'm not sure where the problem needs to be fixed.
Any ideas or help appreciated!
see also:
https://learn.microsoft.com/en-us/Bot-Framework/bot-service-migrate-bot
https://feedback.azure.com/forums/223579-azure-portal/suggestions/32714965-bot-registration-unusable-after-migration#comments
I tried running my custom policy for sign-up/sign-in from the portal using the 'Run Now' feature and got this:
https://login.microsoftonline.com/mytenant.onmicrosoft.com?code=eyJraWQiOiJmNXlKcktmRjZtRl9EaVd4b0d5Sm1pT0F1aXV2OEVYSHVuc1lmaXNwZlBRIiwidmVyIjoiMS4wIiwiemlwIjoiRGVmbGF0ZSIsInNlciI6IjEuMCJ9.oxgR8PRpiFRkCljn6J9qg1Ag802wZjbFkP92d-UitjRpfF3fpk0K_Dc71aLG3J0DXvpGWAZGh80HHdgjNh61C0PnKWahLwShMJGlDo5CXvePbh0E416-OmHGtWG7wiEeLamXe1ZZCR1v6rtqfRKH6rZubV7wNH6Fmvbi00y-fUh_BVWo9Pr6WqQAjHGYyUCt30cEgwJbWR3v8vpn2QzKpDjeNt0jBC8tsjyZZ1omE7omtEgmtSH-wUE4EXYFwTpofDo7yiL7TDKU6RIm1-8e8iExbjpyitmieBjuTId1GDMG6Ju3lmcL6DkQwQJETeKP1r7ScC-y6D7yDPkzX_rotg.06iXOYdfOkmIzEXu.TklqnriQ_OnivJ2zYq_MNj6jZganCvDPC1JSuwAO7pmzUFR_YHUephGXwQK51R7o2O8OLhm8T6D3JNNHTZR35oPamGIWbjp60KqZKcTKuX1lhmoAfpCCk34zbhEzST4oBQV9gRxVF0ZapCUHGFUd4Mhzg3oXGGmzZ5SgUEE7IvN2adsqPPFc9egBKh_hRFItcb4inK-7a493sD_rh1l6SOlbZQ_FyUKf7g8G9Qd62GnthVS0LNoFH_qz57JTgN79Hwg02JerV5TkWNTZWBCZI-pp-X2h9NLu2Sfa5Q59lmqjZaofo4_kBiQ192H02_i0M94sQMYvdO9gcDjpcfc8bfX67wBvb7dibo_WeOhdanyEnAaxbNy00mSdhXlY-lQcPf8iOk0mRSCeIgo-LPBTD8pZsmtYsluz5M47eBoB4KXPXCBggt9YxBxFJ_p-OP51PWRgjo0aiYUirtA9eMkxGd0eNMEeyUm2t7ztK-6PGIfVsgoV4yt-bgdOSkc.BWAsQ3x2JmxHVJAPMDfK6w
What does this mean? I would have expected to have been redirected to my URL with the id_token.
This has happened a few times to me.
You will only get an id_token if your request asks for it in the response_type parameter.
The 'Run Now' feature in the Azure AD B2C portal will only include response_type=id_token if the Application you select in the Select application dialog meets these two criteria:
- Is an Azure AD v2 App. Apps have to be created via the Azure AD B2C Applications blade for them to include a request for the id_token. The picker also shows v1 Apps, aka apps created via the App Registrations blade, but those won't include id_token in the request.
- Has Implicit Flow enabled. By default, apps created via the Azure AD B2C Applications blade have this setting enabled, but it can be disabled manually.
You can check the URL that shows up in the Run now endpoint textbox to see if the given application you've picked results in the inclusion of id_token in the authorization request.
If you'd like this behavior to be tweaked (not show V1 apps, always include id_token, etc), you can always add a request in the Azure AD B2C feedback forum.
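The check described in this answer, as an added example (not part of the original answer or of Microsoft's tooling): it reads `response_type` from a Run now endpoint URL to see whether `id_token` is requested, and reports which artifact a redirect actually carried. The sample URLs, client ID, policy name and redirect host are constructed placeholders.

```javascript
// Constructed sample "Run now endpoint" URLs (placeholders, not real registrations).
const BASE = "https://login.microsoftonline.com/mytenant.onmicrosoft.com/oauth2/v2.0/authorize" +
  "?p=B2C_1A_signup_signin&client_id=00000000-0000-0000-0000-000000000000" +
  "&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fapp.example.test%2Fcb&scope=openid";
const SAMPLE_ID_TOKEN = BASE + "&response_type=id_token&prompt=login";
const SAMPLE_CODE_ONLY = BASE + "&response_type=code&prompt=login";

// Report what an authorization request asks for, based on response_type.
function inspectAuthRequest(requestUrl) {
  const params = new URL(requestUrl).searchParams;
  // response_type is a space-delimited list, e.g. "code id_token".
  const types = (params.get("response_type") || "").split(/\s+/).filter(Boolean);
  return {
    policy: params.get("p"),
    clientId: params.get("client_id"),
    responseTypes: types,
    requestsIdToken: types.includes("id_token"),
  };
}

// Report which artifacts a redirect carries and where, without echoing
// their values (codes and tokens should not end up in logs or tickets).
function classifyRedirect(redirectUrl) {
  const url = new URL(redirectUrl);
  const fragment = new URLSearchParams(url.hash.replace(/^#/, ""));
  const found = {};
  for (const key of ["code", "id_token", "error"]) {
    if (url.searchParams.has(key)) found[key] = "query";
    else if (fragment.has(key)) found[key] = "fragment";
  }
  return found;
}

// Combine both checks: did the response match what the request asked for?
function explainMismatch(requestUrl, redirectUrl) {
  const req = inspectAuthRequest(requestUrl);
  const got = classifyRedirect(redirectUrl);
  if (got.error) return "provider returned an error";
  if (!req.requestsIdToken && got.code) {
    return "request did not include id_token in response_type, so a code was returned";
  }
  if (req.requestsIdToken && got.id_token) return "id_token requested and returned";
  return "response does not match request; re-check the selected application";
}
```

Running `explainMismatch` on the URL from the Run now endpoint textbox and the URL you were redirected to shows whether the selected application is the reason a `code` came back.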
It happened to me again and I figured out what is going on. The problem is that the order of the dropdown changes sometimes.
So most of the time, the app dropdown loads like this:
But sometimes it loads like this and apparently, ProxyIdentityExperienceFramework will request a code:
Recently I integrated Azure B2C into my Xamarin app. As per the requirement, I want to allow users to sign in with their Microsoft account. I followed the steps mentioned here - learn.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-setup-msa-app. In this article they selected Web, but I selected Mobile as I am working on a mobile app. But when I go to the Azure portal, click the Run now button on the sign up or sign in policies blade, then click Microsoft, it gives me the error below -
We're unable to complete your request
Microsoft account is experiencing technical problems. Please try again later.
Here is the error URL -
https://login.live.com/err.srf?lc=1033#error=invalid_request&error_description=The+provided+value+for+the+input+parameter+'redirect_uri'+is+not+valid.+The+expected+value+is+'https://login.live.com/oauth20_desktop.srf'+or+a+URL+which+matches+the+redirect+URI+registered+for+this+client+application.&state=
I would greatly appreciate any help. Thank you!